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(54) TCP admission control 

(57) Congestion at a network node can be aggra- 
vated by having too many TCP connections. A method 
of avoiding the bad effects of too many TCP connec- 
tions is to limit the number of connections. Limiting the 
number of connections is achieved by an admission 
control (1 0) which delays or even discards the connec- 



tion set-up packets. TCP traffic flows are monitored to 
generate packet loss characteristics and when a certain 
condition is met, a connection request queue is disa- 
bled. 
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Description 

Held of the Invention 

[0001] The invention relates generally to traffic con- s 
gestion management of a data network. In particular, it 
is directed to a technique by which congestion in the 
data network is controlled by limiting new TCP connec- 
tion setups based on packet loss characteristics of the 
data network. 10 

Background of the Invention 

[0002] The current data networks are handling not 
only enormous volume of traffic but more and more is 
diversified multi media traffic, causing the data network 
to become congested more often. When congestion 
causes an excessive number of packets to be dropped! 
it can easily impact many traffic f lows, and cause many 
timeouts. By guaranteeing a certain number of traffic 20 
flows a minimum tandwidth arid treating the remainder 
as best effort, it is possible to avoid spreading high 
packet loss over so many flows and to reduce the 
number of aborted flows. Pending U. S. Patent Applica- 
tion Serial Nos. 08/772,256 filed on Dec! 23, 1996 and 25 
08/818.612 filed on Mar. 14, 1997 by the present inven- 
tors describe dynamic traffic conditioning techniques 
which make use of this concept. The dynamic traffic 
conditioning .techniques described therein allow the net- 
work to discover the nature of the service for each traffic 30 
flow, classify Jt dynamically, and exercise traffic condi- 
tioning by means of such techniques as admission con- 
trol and scheduling . when delivering the traffic 
downstream to support the service appropriately. 
[0003] Congestion at a network node can be aggra- 35 
vated by having too many TCP connections. TCP will 
adjust to try to share bandwidth among all connections 
but when the available buffer space is insufficient, time- 
outs will occur and as the congestion increases; ^ere 
will be an exponentially growing number of packets 40 
resent. The effect of having too many' connections is 
that much of the bandwidth in the upstream network, is 
wasted carrying packets' that will be divided at the 
congested node because there is. not enough buffer 
there. 45 
[0004] A simple method of avoiding the bad effects of 
too many TCP connections is to limit the number of con- 
nections or to discard one or more packets from one or 
more existing connections. Limiting the number of conr 
nections is achieved by an admission control which so 
delays or even discards the connection set-up packets. 
In the case of discarding packets, which packets and 
from which connection to discard packets are decided 
by preset algorithm© or policies. By invoking this control 
to limit the number of connections, each packet is ss 
inspected to see if it is a connection set-up packet, e.g., 
TCP SYN packet. This control packet is used to initiate 
a TCP connection and no traffic can flow, until, it is 



acknowledged by the other end of the proposed con- 
nection. 

Summary of the inventinn 

[0005] It is an object of the invention to obviate disad- 
vantages of the known methods. 
[0006] It is a further object of the invention to provide 
a method of managing a data network for congestion. 
[0007] It is a further object of the invention to provide 
a method of continuously monitoring the TCP traffic 
flows for congestion in a data network. 
[0008] It is another object of the invention to provide a 
method of managing the data network by performing 
admission control for TCP traffic. 
[0009] It is yet another object of the invention to pro- 
vide a method of managing the data network by exercis- 
ing the connection admission control for a new TCP 
connection request based on the packet loss character- 
istic. 

[001 0] Briefly stated, the invention resides in a packet 
data network for multimedia traffic having one or more 
nodes in which network one or more packets are dis- 
carded to control congestion. According to one aspect, 
a method of performing admission control to connection 
oriented traffic flows comprises steps of monitoring 
packets of all the traffic flows, deriving a packet loss 
characteristic of the traffic flows and disabling the serv- 
ing of a new connection request when the packet loss 
characteristic matches a predefined pattern. 
[0011] In another aspect, a method of performing 
admission control to TCP traffic flows comprises steps 
of storing all TCP connection setup packets in a con- 
nection request queue, monitoring packets of all active 
TCP traffic flows according to their port numbers and 
sequence numbers, and recording the count of either 
resent or discarded packets for any TCP traffic flows. 
The method further includes steps of building a history 
table .containing the history of the sequence numbers, 
port numbers, and the count of either resent or dis- 
carded packets, computing a packet loss characteristic . 
using the contents of the history table, and deciding 
enabling or disabling the connection request queue 
based on the packet loss characteristic with respect to a 
predefined pattern. 

[001 2] In a further aspect, the invention is directed to 
a TCP admission control apparatus for controlling con- 
gestion of a data network. The apparatus comprises a 
TCP output buffer for buffering and inspecting all the 
TCP packets of an incoming traffic flow, and a connec- 
tion request queue for storing new connection requests. 
The apparatus further includes a history table for storing 
traffic information with respect to the TCP packets 
inspected above to derive a packet loss characteristic, 
and a queue controller for enabling or disabling the con- 
nection request queue upon detecting the matching of 
the packet loss characteristic with a predefined pattern. 
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Brief Description of Drawings 
[0013] 

Figure 1 is a schematic diagram of the admission 
control according to an embodiment of the inven- 
tion. 

Figures 2a and 2b are a flow chart for the case 
where TCP admission control is applied in a traffic 
link. 

Figure 3 illustrates the relationship of admission 
control with the traffic conditioner. 

Figures 4a and 4b are a flow chart for the case 
where TCP admission control is applied in a router. 

Figures 5 and 6 show possible locations of admis- 
sion control of the invention. 

PeteH e fl D escrip tio n of the P r e f e rred EmbPdiments 
of the invention 

[0014] Referring to Figure 1, the TCP admission con- 
trol apparatus 10, according to one embodiment of the 
invention, includes a connection request queue 12. It is 
located at or near the output buffer 14 of a node of a 
data network, tt should be noted that an admission con- 
trol apparatus can be a separate device or can be made 
integral with or to reside in any node or link equipment; 
It should also be understood that TCP traffic flows as a 
whole can be processed by an apparatus or separate 
apparatus can be provided for each traffic flow or a 
group of traffic flows in one class. Every packet of an 
input stream is inspected and TCP packets are identi- 
fied at the output buffer 1 using, for example, source and 
destination IP addresses, source and destination port 
numbers and protocol. All new connection requests aire 
read at a connection reader 16 and are stored at the 
connection request qlieue 12. The connection request 
queue 12 is a FIFO If admission control is not invoked 
then the new connection requests will be served imrrie* 
diately by enabling the connection request queue. G tf 
admission control is switched on then they will be 
delayed. 

[001 5] The admission control detects the packets that 
are being discarded and looks for multiple successive 
packets from the same flow or multiple instances of the 
same packet, the latter being the result of packet 
resends due to packet loss or discard: The admission 
control derives some pattern of packet discards by 
using a discard measure. For convenience, this meas- 
ure is called packet loss characteristic in this specifica- 
tion. It is possble that other parameters can be used to 
indicate the state of congestion in a data network. If cer- 
tain criteria are met or the packet loss characteristic 
matches a predefined pattern, admission control is 



invoked and any new connection requests (connection 
set-up packets) will be delayed by disabling the connec- 
tion request queue or packets belonging to one or more 
existing connections will be discarded until the problem 

s clears. If a connection set-up packet is delayed too long 
(e.g., one second), it will be discarded from the queue. 
[001 6] When the packet loss characteristic shows that 
new connections can be accepted the servicing of the 
connection request queue is enabled. Waiting connec- 

10 tion requests can be served immediately or can be 
released at a controlled pace according to a predefined 
algorithm. 

[0017] The admission control apparatus therefore 
includes a small history table 18 and information about 

15 discarded packets is entered into it. When a packet is 
discarded', the flow identity (source and destination IP 
plus TCP socket number) is extracted and compared 
wrth currerrt table entries/ H the flow already has an 
entry then the history is updated. If the flow does not 

20 have an entry iand there is room for a new entry, the new 
entry is made, if "there is no room for a new entry the 
information is discarded. 

[0018] v '"Ilhe^adrrtission'.ra^rbrtan be performed on a 
traffic link or at a router ' 
25 [001 9] in the case where the admission control is per- 
formed on the traffic link, the history table contains, for 
each'active flow (or as many flows as can be handled), 
the following entiribs: 

[0020] The first entry is a cxjurft of resent packets for 

30 that floW (Total Pabket Resent). J 

[0021] The second entry is a count of how many times 
the currently recorded packet (that is the currently 
stored sequence number) has been resent (Same 
Packet Resent). ' 

35 [0022] ; The third entry is the time that the most recent 
update was made for that flow. After some period of 
inactivity the flow is taken out of the table. 
[0023] ^fhis inforiTatidn is used to look for patterns of 
dis<Srd" that^ indicate congestion problems. It is 

40 assumed that ff the sequence number on an arriving 
packet is lower than or equal to the stored value, then it 
must be a ressr^V T^e tot^L number of resends as a 
fraction of the : 'tt^^ri^ef of packets is a measure of 
d6whstrearn congestion. In this embodiment, this meas- 

45 ure is used as the packet loss characteristic. 

[0024] Seeing the same packet resent multiple times 
wili suggest that the connection is experiencing time-out 
or at least a very high loss rate. It is not usual for a 
packet to be discarded multiple times. Normally the 

so TCP protocol will adjust its window to fit the available 
bandwidth and will only lose one packet before reducing 
that window. Although TCP relies on packet loss to con- 
stantly test for available bandwidth, a packet that is dis- 
carded once will almost certainly be forwarded when it 

55 is retransmitted. Multiple instances of the same packet 
will suggest that the TCP source is experiencing time- 
out. ' ' 

[0025] r ' There will be many variations on what informa- . 



3 



<EP Q9322B2A2 I > 



EP 0 932 282 A2 



tion is stored and what algorithm is used to assess 
whether new connections should be enabled. 
[0026] It is not necessary to keep information on all 
flows since a sampled history is sufficient to detect 
problem conditions. 

[0027] Entries in the history table are removed after a 
period of time. Also, whenever admission control is 
invoked, the history table is cleaned out and starts fresh 
to get a good picture of the new loss characteristic The 
history table would be purged, in any case, at regular 
intervals to keep the history reflecting current loss char- 
acteristics. The interval would be configurable depend- 
ing on line rates and expected number of flows etc 
[0028] Figures 2a and 2b are a flow chart for the case 
where TCP admission control is applied in a traffic link 
rather than in a router. 

[0029] As mentioned earlier, the applicant's pending 
applications describe traffic conditioners and Figure 3 
shows one of such conditioners. In the Figure, a traffic 
conditioner 40 includes a plurality of queues 42 at least 
one for each class of TCP traffic. Every packet of an 
input stream is inspected and identified at 44 using for 
example, IP addresses, ports, etc. A controller 46 char- 
actenses the flow (using rate, duration, etc.) and 
assigns it a class. The controller refers to a database 48 
and uses output scheduling to allocate bandwidth 
among classes. It can implement an admission control 
policy of the present invention for a class before deliver- 
ing an output stream toward downstream nodes or to 
peripherals. In this case it is necessary to work out 
whether a packet has been discarded, by looking for a 
second copy of it passing through the link. 
[0030] In another embodiment, the admission control 
is performed in the router where the discarded packets 
can be inspected directly as the discard decision is 
made at the buffer of the router. 
[0031] In this case the history table contains, for each 
active flow (or as many flows as can be handled) the 
following entries: ' 
[0032] The first entry is a count of discarded packets 
for that flow (Total Packet Discarded). 
[0033] The second entry is a count of how many times 
the currently recorded packet (that is the currently 
stored sequence number) has been discarded (Same 
Packet Discarded). 

[0034] The third entry is the time that the most recent 
update was made for that flow. After some period of 
inactivity the flow is taken out of the table. 
[0035] This information is used to look for patterns of 
discard that indicate congestion problems. The total 
number of discards as a fraction of the total number of 
packets is a measure of buffer congestion. 
[0036] Seeing the same packet resent multiple times 
will suggest that the connection is experiencing time-out 
or at least a very high loss rate. 
[0037] There will be many variations on what informa- 
tion is stored and what algorithm is used to assess 
whether new connections should be enabled 



[0038] In another embodiment, if the admission con- 
trol is performed at the router, packets from one or more 
existing connections can be discarded to control con- 
gestion at its buffer. The discarding action can be taken 
s together with action of limiting the set-up of new con- 
nections, latter having been described above. 
[0039] Figures 4a and 4b are a flow chart for the case 
where TCP admission control is applied in a router 
rather than in a traffic link. 
10 [0040] Like the traffic conditioning of the pending 
applications, the admission control can take place at 
various places in the data network and can be biased 
toward certain kinds of TCP traffic. For example as 
gateways are often a bottleneck and bulk flows "can 
is decrease response times for interactive users an 
admission control can be located at a place shown in 
Figure 5 which will alleviate this problem. In Figure 6 
traffic conditioners are located at a plurality of IP 
switches which form a data network 60 
20 J 0041 ' Insummary, congestion at a network node can 
be aggravated by having too many TCP connections A 
simple method of avoiding the bad effects of too many 
TCP connections is to limit the number of connections 
Limiting the number of connections is achieved by an 
26 admission control which delays or even discards the 
connection set-up packets. TCP traffic flows are moni- 
tored to generate packet loss characteristics and when 
a certain condition is met. a connection request queue 
is disabled. 

30 

Claims 

1- A method of performing admission control to con- 
nection oriented traffic flows in a packet data net- 
35 work for multimedia traffic having one or more 
nodes in which network one or more packets are 
discarded to control congestion, the method com- 
prising the steps of; 



40 



45 



50 



55 



monitoring packets of all the traffic flows; 

deriving a packet loss characteristic of the traf- 
fic flows; and 

disabling the serving of a new connection 
request when the packet loss characteristic 
matches a predefined pattern. 

The method of performing admission control to traf- 
fic flows according to claim 1 wherein the connec- 
tion oriented traffic flows are TCP traffic flows and 
the step of deriving a packet loss characteristic 
comprises further steps of; 

monitoring discarded packets for the TCP traf- 
fic flows; 

generating a history table containing history of 
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the discarded packets for active TCP traffic 
flows; and 

analysing the history table to derive the packet 
loss characteristic. s 

3. The method of performing admission control, 
according to claim 2 wherein the step of generating 
the history table comprising steps of: 

10 

entering a count of discarded packets for an 
active TCP flow, and 

entering a count of how many times the cur- 
rently recorded packet has been discarded. is 

4. The method of performing admission control to con- 
nection oriented traffic flows according to claim 1 
wherein the connection-oriented traffic flows are 
TCP traffic flows and the step of deriving a packet 20 
loss characteristic comprises further steps of; 

monitoring resent packets for TCP traffic flows; 

generating a history table containing history of 25 
the resent packets for active TCP traffic flows; 
and 



analysing the history table to derive the packet 
loss characteristic. 

5. The method of performing admission control, 
according to claim 4 wherein the step of generating 
the history table comprises steps of: 

entering a count of resent packets for- an active 
TCP traffic flow, and 

entering a count of how many times the cur- 
rently recorded packet has been resent. 

6. The method of performing admission control, 
according to claim 3 or 5 further comprising steps 
of: 

storing new TCP connection requests in a con- 
nection request queue; and 

clearing all the entries of the history table 
whenever the connection request queue is re- 
enabled. 

7. The method of performing admission control, 
according to claim 3 or 5 further comprising steps 
of: 

purging all the entries of the history table peri- 
odically from time to time or after a certain pre- 



set period of time 

8. The method of performing admission control, 
according to claim 3 or 4, comprising a further step 
of enabling the serving of a plurality of new connec- 
tion requests at a controlled pace. 

9. A method of performing admission control to TCP 
traffic flows in a packet data network for multimedia 
traffic having one or more nodes in which network 
one or more packets are discarded to control con- 
gestion; the method comprising the steps of; 

storing all TCP connection setup packets in a 
connection request queue; 

monitoring packets of all active TCP traffic 
flows acoortf rig' to their port numbers and 
sequence numbers; : 

recording I the count of either resent or dis- 
carded packets for any TCP traffic flows; 

building a history table containing the history of 
' ' j : the sequ'erice numbers, port numbers, and the 
:r h courit of either resent or discarded packets; 

; computing a packet loss characteristic using 
the corrtents of the history table; and 
30 y ; ; ' :: 

- deciding enabling or disabling the connection 
request queue based on the packet loss char- 
j - acteristic with respect to a predefined pattern. 

35 10. The method of performing admission control to 
TCP traffic flows according to claim 9 wherein the 
V: step of computing a packet loss characteristic com- 
prises step of : 

40 ^ deriving 5 the total number of either resends or 

discards as a fraction of the total number of 
1 v^r- pouf\cio or trie 1 CP traTTiC ticw. 

if/ the method of performing admission control to 
45 TCP traffic flows according to claim 10, comprising 
a further step of: 

deciding to disable the connection request 
queue when the fraction reaches a preset 
so threshold. 

12. The method of performing admission control to 
TCP traffic flows according to claim 9, comprising a 
further step of: 

55 

enabling the connection request queue at a 
controlled pace. 
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13. A TCP admission control apparatus for controlling 
congestion of a data network, comprising: 

a TCP output buffer for buffering and inspecting 
all the TCP packets of an incoming traffic flow; s 

a connection request queue for storing new 
connection requests; 

a history table for storing traffic information with 10 
respect to the TCP packets inspected above to 
derive a packet loss characteristic; and 

a queue controller for enabling or disabling the 
connection request queue upon detecting the is 
matching of the packet loss characteristic with 
a predefined pattern. 

14. The TCP admission control apparatus according to 
claim 13 wherein the history table contains entries 20 
of a count of either resent or discarded packets for 
the traffic flow and the total number of TCP packet 
of the TCP traffic flow. 

25 
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